package org.lora.mvc.security.impl;

import java.io.IOException;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.log4j.Logger;
import org.lora.exception.WebSecurityException;
import org.lora.log4j.Log4jUtil;
import org.lora.mvc.security.entity.Principal;
import org.lora.mvc.security.entity.WebResource;

/**
 * <p>
 * 类名:DefaultSecurityServiceImpl
 * </p>
 * 描述:默认实现<br>
 * 创建时间:2016年7月31日 下午6:35:14<br>
 * 
 * @author Bladnir@outlook.com<br>
 *         修改历史:<br>
 *         2016年7月31日 Bladnir 创建<br>
 */
public class DefaultSecurityServiceImpl extends AbsSercurityService {

	private static final String LOGIN_URL = "/security/showLogin.do";

	private Logger bizLog = Log4jUtil.getBusinessLogger();

	/*
	 * 应用启动的时候调用此方法
	 * 
	 * @see org.lora.mvc.security.ISecurityService#initPrincipalPermission()
	 */
	@Override
	public void initPrincipalPermission() throws WebSecurityException {
		// just do nothing for now
	}

	/*
	 * 用户登录信息验证
	 * 
	 * @see
	 * org.lora.mvc.security.impl.AbsSercurityService#loginValidate(javax.servlet
	 * .http.HttpServletRequest, javax.servlet.http.HttpServletResponse,
	 * org.lora.mvc.security.entity.Principal)
	 */
	@Override
	protected Principal loginValidate(HttpServletRequest request, HttpServletResponse response, Principal principal) {
		return principal;
	}

	/*
	 * 验证用户信息
	 * 
	 * @see
	 * org.lora.mvc.security.impl.AbsSercurityService#validateRequestHandle(
	 * javax.servlet.http.HttpServletRequest,
	 * javax.servlet.http.HttpServletResponse,
	 * org.lora.mvc.security.entity.Principal,
	 * org.lora.mvc.security.entity.WebResource)
	 */
	@Override
	protected boolean validateRequestHandle(HttpServletRequest request, HttpServletResponse response, Principal principal,
			WebResource webResource) {
		return true;
	}

	/*
	 * (non-Javadoc)
	 * 
	 * @see
	 * org.lora.mvc.security.impl.AbsSercurityService#validateFailHandle(javax
	 * .servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse,
	 * org.lora.mvc.security.entity.WebResource)
	 * 
	 * 验证权限失败
	 */
	@Override
	protected void validateFailHandle(HttpServletRequest request, HttpServletResponse response, WebResource webResource) {
		bizLog.debug("[" + webResource.getUrl() + "] validate fail");
		redirectToLoginPage(request, response, LOGIN_URL);
	}

	/*
	 * 登陆成功
	 * 
	 * @see
	 * org.lora.mvc.security.impl.AbsSercurityService#loginSuccessHandle(javax
	 * .servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
	 */
	@Override
	protected void loginSuccessHandle(HttpServletRequest request, HttpServletResponse response) {
		redirectToLoginPage(request, response, "/security/showIndex.do");
	}

	/*
	 * 登陆失败
	 * 
	 * @see
	 * org.lora.mvc.security.impl.AbsSercurityService#loginFailHandle(javax.
	 * servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
	 */
	@Override
	protected void loginFailHandle(HttpServletRequest request, HttpServletResponse response) {
		redirectToLoginPage(request, response, LOGIN_URL);
	}

	/*
	 * 登出
	 * 
	 * @see
	 * org.lora.mvc.security.impl.AbsSercurityService#logoutHandle(javax.servlet
	 * .http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
	 */
	@Override
	protected void logoutHandle(HttpServletRequest request, HttpServletResponse response) {
		redirectToLoginPage(request, response, LOGIN_URL);
	}

	/**
	 * 跳转页面
	 * 
	 * @param request
	 * @param response
	 * @param webResource
	 */
	private void redirectToLoginPage(HttpServletRequest request, HttpServletResponse response, String url) {
		try {
			response.sendRedirect(request.getContextPath() + url);
		} catch (IOException e) {
			bizLog.error(e.getMessage(), e);
		}
	}

}
